SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
9 updates (x86_64). Including a (* Security fix *)! : 9 upgraded
Code:
Wed Nov 9 22:16:30 UTC 2022
a/btrfs-progs-6.0.1-x86_64-1.txz: Upgraded.
ap/sysstat-12.7.1-x86_64-1.txz: Upgraded.
On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1,
allocate_structures contains a size_t overflow in sa_common.c. The
allocate_structures function insufficiently checks bounds before arithmetic
multiplication, allowing for an overflow in the size allocated for the
buffer representing system activities.
This issue may lead to Remote Code Execution (RCE).
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-39377
(* Security fix *)
kde/bluedevil-5.26.3.1-x86_64-1.txz: Upgraded.
kde/breeze-5.26.3.1-x86_64-1.txz: Upgraded.
kde/oxygen-sounds-5.26.3.1-x86_64-1.txz: Upgraded.
l/gdk-pixbuf2-2.42.10-x86_64-1.txz: Upgraded.
l/orc-0.4.33-x86_64-1.txz: Upgraded.
n/mobile-broadband-provider-info-20221107-x86_64-1.txz: Upgraded.
xfce/xfce4-settings-4.16.4-x86_64-1.txz: Upgraded.
Fixed an argument injection vulnerability in xfce4-mime-helper.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45062
(* Security fix *)
7 updates (x86_64). Including a (* Security fix *)! : 7 upgraded
Code:
Thu Nov 10 19:47:59 UTC 2022
ap/texinfo-7.0-x86_64-1.txz: Upgraded.
l/iso-codes-4.12.0-noarch-1.txz: Upgraded.
l/lcms2-2.14-x86_64-1.txz: Upgraded.
l/mozilla-nss-3.85-x86_64-1.txz: Upgraded.
l/pipewire-0.3.60-x86_64-1.txz: Upgraded.
n/php-7.4.33-x86_64-1.txz: Upgraded.
This update fixes bugs and security issues:
GD: OOB read due to insufficient input validation in imageloadfont().
Hash: buffer overflow in hash_update() on long parameter.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-31630
https://www.cve.org/CVERecord?id=CVE-2022-37454
(* Security fix *)
x/ibus-table-1.16.14-x86_64-1.txz: Upgraded.
13 updates (x86_64). Including a (* Security fix *)! : 12 upgraded, 1 rebuilt
Code:
Thu Nov 17 01:49:28 UTC 2022
ap/man-db-2.11.1-x86_64-1.txz: Upgraded.
ap/nano-7.0-x86_64-1.txz: Upgraded.
ap/sqlite-3.40.0-x86_64-1.txz: Upgraded.
kde/plasma-framework-5.100.0-x86_64-2.txz: Rebuilt.
[PATCH] svgitem: do not upscale svg when using fractional scaling.
l/netpbm-11.00.02-x86_64-1.txz: Upgraded.
n/bind-9.18.9-x86_64-1.txz: Upgraded.
n/krb5-1.20.1-x86_64-1.txz: Upgraded.
Fixed integer overflows in PAC parsing.
Fixed null deref in KDC when decoding invalid NDR.
Fixed memory leak in OTP kdcpreauth module.
Fixed PKCS11 module path search.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-42898
(* Security fix *)
n/samba-4.17.3-x86_64-1.txz: Upgraded.
Fixed a security issue where Samba's Kerberos libraries and AD DC failed
to guard against integer overflows when parsing a PAC on a 32-bit system,
which allowed an attacker with a forged PAC to corrupt the heap.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-42898.html
https://www.cve.org/CVERecord?id=CVE-2022-42898
(* Security fix *)
x/libXft-2.3.7-x86_64-1.txz: Upgraded.
x/wayland-protocols-1.29-noarch-1.txz: Upgraded.
xap/mozilla-firefox-107.0-x86_64-1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/107.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-47/
https://www.cve.org/CVERecord?id=CVE-2022-45403
https://www.cve.org/CVERecord?id=CVE-2022-45404
https://www.cve.org/CVERecord?id=CVE-2022-45405
https://www.cve.org/CVERecord?id=CVE-2022-45406
https://www.cve.org/CVERecord?id=CVE-2022-45407
https://www.cve.org/CVERecord?id=CVE-2022-45408
https://www.cve.org/CVERecord?id=CVE-2022-45409
https://www.cve.org/CVERecord?id=CVE-2022-45410
https://www.cve.org/CVERecord?id=CVE-2022-45411
https://www.cve.org/CVERecord?id=CVE-2022-45412
https://www.cve.org/CVERecord?id=CVE-2022-45413
https://www.cve.org/CVERecord?id=CVE-2022-40674
https://www.cve.org/CVERecord?id=CVE-2022-45415
https://www.cve.org/CVERecord?id=CVE-2022-45416
https://www.cve.org/CVERecord?id=CVE-2022-45417
https://www.cve.org/CVERecord?id=CVE-2022-45418
https://www.cve.org/CVERecord?id=CVE-2022-45419
https://www.cve.org/CVERecord?id=CVE-2022-45420
https://www.cve.org/CVERecord?id=CVE-2022-45421
(* Security fix *)
xap/mozilla-thunderbird-102.5.0-x86_64-1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/102.5.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-49/
https://www.cve.org/CVERecord?id=CVE-2022-45403
https://www.cve.org/CVERecord?id=CVE-2022-45404
https://www.cve.org/CVERecord?id=CVE-2022-45405
https://www.cve.org/CVERecord?id=CVE-2022-45406
https://www.cve.org/CVERecord?id=CVE-2022-45408
https://www.cve.org/CVERecord?id=CVE-2022-45409
https://www.cve.org/CVERecord?id=CVE-2022-45410
https://www.cve.org/CVERecord?id=CVE-2022-45411
https://www.cve.org/CVERecord?id=CVE-2022-45412
https://www.cve.org/CVERecord?id=CVE-2022-45416
https://www.cve.org/CVERecord?id=CVE-2022-45418
https://www.cve.org/CVERecord?id=CVE-2022-45420
https://www.cve.org/CVERecord?id=CVE-2022-45421
(* Security fix *)
xfce/xfce4-settings-4.16.5-x86_64-1.txz: Upgraded.
This update fixes regressions in the previous security fix:
mime-settings: Properly quote command parameters.
Revert "Escape characters which do not belong into an URI/URL (Issue #390)."
Since applying the updates to -current on the 17th Nov, I'm seeing 100% cpu usage on one core after rebooting. The offending item seems to be gnome-keyring-d. Killing it stops the 100% cpu load, and doesn't appear to have any adverse effects.
Since applying the updates to -current on the 17th Nov, I'm seeing 100% cpu usage on one core after rebooting. The offending item seems to be gnome-keyring-d. Killing it stops the 100% cpu load, and doesn't appear to have any adverse effects.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.